Skip to Main content Skip to Navigation

XSS-FP: Browser Fingerprinting using HTML Parser Quirks

Abstract : There are many scenarios in which inferring the type of a client browser is desirable, for instance to fight against session stealing. This is known as browser fingerprinting. This paper presents and evaluates a novel fingerprinting technique to determine the exact nature (browser type and version, eg Firefox 15) of a web-browser, exploiting HTML parser quirks exercised through XSS. Our experiments show that the exact version of a web browser can be determined with 71\% of accuracy, and that only 6 tests are sufficient to quickly determine the exact family a web browser belongs to.
Complete list of metadata

Cited literature [14 references]  Display  Hide  Download
Contributor : Martin Monperrus Connect in order to contact the contributor
Submitted on : Monday, November 19, 2012 - 10:07:08 PM
Last modification on : Wednesday, April 6, 2022 - 3:48:19 PM
Long-term archiving on: : Saturday, December 17, 2016 - 11:50:57 AM


Files produced by the author(s)


  • HAL Id : hal-00753926, version 1
  • ARXIV : 1211.4812


Erwan Abgrall, yves Le Traon, Martin Monperrus, Sylvain Gombault, Mario Heiderich, et al.. XSS-FP: Browser Fingerprinting using HTML Parser Quirks. [Research Report] 12888, SnT. 2012. ⟨hal-00753926⟩



Record views


Files downloads